ISC2 · Official Blueprint
CC Exam Domains & Blueprint
The official ISC2 CC exam covers 5 domains. Domain weights tell you exactly how much of the exam each topic represents — and where to invest your study time.
CC Domain Weight Summary
Detailed Domain Breakdown
Domain 1: Security Principles
Covers the core concepts, terminology, and skills tested under the Security Principles section of the official exam blueprint.
Domain 2: Business Continuity, Disaster Recovery, and Incident Response
Covers the core concepts, terminology, and skills tested under the Business Continuity, Disaster Recovery, and Incident Response section of the official exam blueprint.
Domain 3: Access Controls Concepts
Covers the core concepts, terminology, and skills tested under the Access Controls Concepts section of the official exam blueprint.
Domain 4: Network Security
Covers the core concepts, terminology, and skills tested under the Network Security section of the official exam blueprint.
Domain 5: Security Operations
Incident response lifecycle, digital forensics, threat hunting, SIEM/SOAR tools, log analysis, and security automation.
How to Use Domain Weights in Your Study Plan
The heaviest domain on the CC is "Security Principles" at null%. Start here and return to it regularly.
Allocate study time proportional to domain weight — a 25% domain deserves roughly 25% of your prep hours.
Never skip a low-weight domain. A 10% domain still represents 5–7 exam questions — enough to make the difference between pass and fail.
Use JT Exams domain analytics to track your accuracy per domain automatically. The system routes extra questions to your weak areas.
Practice every CC domain
JT Exams tracks your accuracy per domain automatically and routes you toward your weakest areas — no manual configuration needed.
No credit card · Cancel anytime